PSAMP is what allows the Catalyst 4948E to support NetFlow-Lite and it is the first switch from Cisco to support IPFIX.  This feature demonstrates Cisco’s commitment to IPFIX, a protocol slowly gaining ground on Cisco’s NetFlow in popularity.  The main difference being that IPFIX is the proposed flow standard in RFC 5101 and 5102.  Did you know that Cisco is one of the major proponents of IPFIX? Read more »

James

For a 30 day Trial of Scrutinizer, Click Here to Download!

Join the NetFlow Developments group on LinkedIn.

NetFlow probes allow for advanced traffic analysis in areas of your network that don’t have the required hardware to export NetFlow data. While I was on a support call with one of our customers they showed me a map of their NetFlow probe implementation and I was in awe with how many Windows NetFlow probes and Linux NetFlow probes that they’ve deployed on their network to allow for advanced NetFlow traffic analysis.

Read more »

Paul Dube

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

We’ve had many requests from people using our NetFlow, sFlow and IPFIX analyzer for the ability to view and save reports in PDF format and with our v8.5 release, NetFlow PDF reporting is now available.

Read more »

Paul Dube

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

While doing a demonstration of the reporting capabilities of Scrutinizer last week, I had a customer ask, “How can I monitor Netflix traffic?”

There are a couple of ways that this can be done.

If you have Cisco routers, and are running IOS 15.1 or higher, there is an option to enable NBAR. Using Flexible NetFlow, we create a user defined flow template by adding the collect NBAR application option parameters to the flow record. Then it is just a matter of selecting the NBAR report filters available in Scrutinizer.

But I would like to show you a way to use a template option to capture and pass URL’s. We will be using nProbe to capture traffic from an interface on a device and export IPFIX templates to Scrutinizer.

The set up of nProbe is a simple process of using command line options to configure the template and create and start a nProbe service.

Once we see the device and interfaces in Scrutinizer, it is just a matter of adding filters to the report to isolate the Netflix traffic.

Read more »

Scott Robertson

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

Using Flexible NetFlow (FnF) to configure user defined templates, you have the ability to export layer 2 information such as MAC address, fragment identification and VLAN ID’s.

Using the right NetFlow and sFlow Analysis tool, gives you the ability to fully report on those user defined fields set up in the Flexible NetFlow templates.

Included in the reporting engine in Scrutinizer v8 is an advanced filter that lets you filter any report on any field found in the exported NetFlow template. 

Scrutinizer is currently the only product on the market that lets you do this.

Using the Advanced Filter, lets see how we can use those layer 2 user defined fields to filter a Conversation report on a MAC address and then exclude an interface from the report.

Read more »

One of the cool new features added to the reporting engine in the latest release of our NetFlow and sFlow Analysis tool is the Advanced Filter option. This filter lets you filter the data in any report on any field that is present in the exported template. So filtering reports on things like MAC addresses and Vlan ID’s are all possible.

Let’s take a look at a cool use of the MAC address filter.

We have our Cisco wireless access point plugged into our Enterasys N series NetFlow capable switch.  This allows us to look at the volume of traffic coming from the wireless devices.

The above is useful, but I wanted to narrow in on the hand held devices.  Specifically, I wanted to find out how much traffic is placed on the network when a person streams a NetFlix movie to their hand held.

Read more »

The nProbe configuration portion of this blog has been depreciated by the release of nProbe v6.1.1.  Please see our Recommended nProbe Templates blog for the most recent configuration.

The question, “How do I configure nProbe to export URL and Latency information?” has started to come up more often in support, so I want to take the time to demonstrate how to configure nProbe and how to analyze URLs and latency with NetFlow.

Read more »

Paul Dube

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

Intermittent jitter issues with voice and video can be one of the more challenging IT issues to troubleshoot. Since traditional NetFlow  reporting does not include latency information, we are somewhat limited in NetFlow Analysis. None the less, we have to work with what we got! 

Read more »

Michael Patterson
Scrutinizer Product Manager
Click to download Scrutinizer now!
Join NetFlow Developments on Linkedin.com

I was cleaning out one of my boxes of stuff the other day and I came across this post card that I received from the Business Software Alliance  about 10 years ago.

Read more »

Michael Patterson
Scrutinizer Product Manager
Click to download Scrutinizer now!
Join NetFlow Developments on Linkedin.com

Has your company adopted a social media policy yet?  Social Networking sites such as Facebook, Twitter, and MySpace are increasingly being considered threats for at least a couple big reasons:  security risks and traffic risks.

Use of social medias at work can pose security risks to the company’s intellectual property through an employee’s personal communication habits.  On occasion, attackers assume the identity of someone who hasn’t actually joined sites like facebook.  Then the attacker determines who this person’s friends or schoolmates are and sends friend requests.  Once befriended, the attacker has personal information of users and can make targeted attacks.  Social engineering tactics like this can be very effective, especially when they get users to start sharing URLs leading to malicious sites or spoofs of actual businesses such as your local bank.  In some countries, criminals are not banned from using sites like facebook when they are incarcerated, as The Washington Times recently reported.

Use of social medias at work can also pose network traffic problems for the company.  Read more »